Home
About
Features
Resources
- FAQ
- Release Notes
  - Sensor Release Notes
  - Management Release Notes

Home
About
Features
Contact Us
Resources
- FAQ
- Release Notes
  - Sensor Release Notes
  - Management Release Notes

Frequently Asked Questions

Discover everything you need to know about CYBERSPAN^®, from how it’s deployed to how it safeguards your network, and everything in between.

General Overview

What is CYBERSPAN®?

CYBERSPAN^® is an AI-powered cybersecurity solution developed by IntelliGenesis LLC. Designed for small and medium-sized businesses (SMBs), particularly those in the Defense Industrial Base (DIB), CYBERSPAN^®provides enterprise-grade cyber protection without the complexity of traditional security tools. Using advanced artificial intelligence and machine learning, it continuously analyzes network traffic, detects anomalies, and identifies malicious patterns—offering a proactive defense against evolving cyber threats.

Who is CYBERSPAN® designed for?

CYBERSPAN^® is built for SMBs in the DIB, but its powerful cybersecurity capabilities make it an excellent choice for any organization seeking advanced network protection. It is especially beneficial for businesses without dedicated cybersecurity teams, providing clear event descriptions, mitigation strategies, and next steps in an intuitive interface.

What is the ROI of using CYBERSPAN®?

CYBERSPAN^® delivers enterprise-grade network detection without requiring a security team, cloud infrastructure, or costly integrations. For SMBs, the return on investment comes from reducing breach risk, shortening response times, and gaining cybersecurity maturity at a fraction of traditional costs.

How does CYBERSPAN® differ from other cybersecurity solutions?

CYBERSPAN^® delivers government-grade security expertise to SMBs without requiring complex endpoint software or agent installations. Its AI-driven approach allows it to adapt to each network’s unique patterns, providing customized protection. Additionally, CYBERSPAN^® features explainable AI, offering users clear insights into why specific events were flagged.

Detection & Response

What is the output of CYBERSPAN®?

CYBERSPAN^® provides a real-time dashboard displaying alerts, events, and anomaly patterns. Each event includes supporting evidence, recommended mitigations, and mapping to MITRE ATT&CK tactics, techniques, and procedures (TTPs). Reports and data are also accessible via API and can be exported in formats like STIX and JSON.

Does CYBERSPAN® account for current threat trends?

Yes. CYBERSPAN^® is updated monthly with new detection capabilities aligned to evolving TTPs. It also incorporates external threat intelligence sources like AlienVault and ProofPoint to enrich alerts and stay current with threat actor behavior.

What happens after CYBERSPAN® detects an anomaly?

Once an anomaly is detected, CYBERSPAN^® classifies it, enriches it with contextual data, maps it to known TTPs, and recommends mitigation steps. It also groups related anomalies into events to reduce noise and guide decision-making.

How is feedback delivered to users?

Users receive alerts via the dashboard with detailed context, evidence, and suggested actions. CYBERSPAN^® also supports notification configuration for critical updates and offers the ability to export or integrate feedback into existing workflows.

Does CYBERSPAN® provide remediation?

While CYBERSPAN^® is not a blocking tool, it does offer immediate, actionable mitigation steps for each detected threat. These include firewall rules; helping users take swift, informed action to reduce risk.

Compatibility & Support

Can CYBERSPAN® work with tools I already have?

Yes. CYBERSPAN^® includes a full-featured API that enables direct access to raw data, analytics, and AI-driven threat intelligence. It also supports data export in STIX and JSON formats for seamless integration with Threat Intelligence platforms and SIEMs such as Elastic.

What kind of support does IntelliGenesis offer for CYBERSPAN® users?

IntelliGenesis provides full support during initial setup, along with a training curriculum to ensure users can quickly get up and running. For more details on training and ongoing support, contact our team.

Technology & Architecture

What technologies does CYBERSPAN® use?

CYBERSPAN^® leverages a sophisticated combination of supervised and unsupervised machine learning techniques to detect threats. It uses advanced analytics to identify anomalies and cyberattacks—even without prior knowledge of a network’s normal activity.

How is CYBERSPAN® installed?

CYBERSPAN^® is deployed as a network sensor and can be installed in three ways:

Physical: Hardware installed directly on the network
Virtual: Runs on virtualized resources within the local network
Cloud: Monitors traffic in a cloud environment

How does CYBERSPAN® receive data?

CYBERSPAN^® analyzes network traffic through a direct connection to a customer's networking hardware, typically via a SPAN or Mirror port. This connection sends raw packet traffic to CYBERSPAN® for ingestion and analysis.

Is CYBERSPAN® a standalone tool or does it integrate with other defenses?

CYBERSPAN^® works as a standalone Network Detection and Response (NDR) platform, but it also integrates easily via API with existing SIEMs, threat intel platforms, and logging systems. Event data can be exported in STIX or CSV in addition to API access for easy interoperability with SIEMs such as Elastic.

How do you prevent model drift in CYBERSPAN®?

CYBERSPAN^® uses a controlled, continuous learning approach. Each deployment starts with a burn-in period to baseline "normal" behavior, after which models are retrained on-prem incrementally using validated data, preventing unintentional drift.

How do you secure your AI models?

All AI processing occurs locally; nothing is sent to the cloud. Models are sandboxed within the appliance, and updates are securely signed and controlled by IntelliGenesis. No public exposure of model logic or training data occurs.

Is CYBERSPAN® an agentless EDR?

CYBERSPAN^® is not an EDR. It is an agentless NDR platform that monitors network traffic through SPAN or mirrored ports, allowing visibility into anomalies without installing anything on individual endpoints.

Privacy, Security & Compliance

How does CYBERSPAN® protect the network data it analyzes?

All CYBERSPAN^® processing occurs locally on the deployed sensor within the customer’s network. Raw traffic is never sent to the cloud or external systems, ensuring complete data security and control.

How does CYBERSPAN® mitigate its own attack surface?

CYBERSPAN^® is deployed fully on-premises or in a private environment, without sending data to the cloud. It operates behind your existing firewall, requires no open inbound ports, and does not use agents; greatly minimizing the attack surface.

Can CYBERSPAN® help with regulatory compliance?

Yes. CYBERSPAN^® is currently undergoing IL4 certification, meeting stringent Department of Defense cloud security standards. Its comprehensive monitoring and reporting features also support compliance with various cybersecurity frameworks.

Pricing & Updates

What is the pricing model for CYBERSPAN®?

CYBERSPAN^® offers flexible pricing options tailored to different business sizes and needs. Contact our team for a customized pricing plan.

How often is CYBERSPAN® updated?

CYBERSPAN^® continuously learns and adapts in real time. In addition, it receives regular updates to enhance its threat detection capabilities, address emerging cyber threats, and introduce new features—typically on a monthly schedule.

Didn’t find what you were looking for? Contact Us.

Facebook-f X-twitter Linkedin-in Instagram

Frequently Asked Questions

Useful Links